Lucene search
K

165 matches found

CNNVD
CNNVD
added 2024/10/01 12:0 a.m.7 views

Wiz Code和Wiz (legacy) 安全漏洞

Wiz Code and Wiz legacy are both a Visual Studio Code extension from Wiz, Inc. A security vulnerability exists in Wiz Code versions 1.0.0 through 1.5.3 and Wiz legacy versions 0.13.0 through 0.17.8, which stems from vulnerability to local command injection attacks...

7.1CVSS7.1AI score0.00761EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/10/01 12:0 a.m.9 views

PT-2024-39454 · Microsoft +1 · Visual Studio Code +2

Name of the Vulnerable Software and Affected Versions: Wiz Code Visual Studio Code extension versions 1.0.0 through 1.5.3 Wiz legacy Visual Studio Code extension versions 0.13.0 through 0.17.8 Description: The issue allows for local command injection when a user opens a maliciously crafted...

7.1CVSS7.8AI score0.00761EPSS
Exploits0References8
OSV
OSV
added 2024/09/25 6:12 p.m.7 views

CLSA-2024-1727287647 emacs: Fix of CVE-2024-48337

CVE-2024-48337: fix etags local command injection vulnerability...

5.8AI score
Exploits0References1
NVD
NVD
added 2024/06/28 8:15 p.m.22 views

CVE-2024-3995

In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins...

2CVSS0.00612EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/28 7:46 p.m.30 views

CVE-2024-3995 Command Injection in Helix ALM

In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins...

2CVSS0.00612EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/28 12:0 a.m.5 views

PT-2024-28752 · Perforce · Helix Alm

Name of the Vulnerable Software and Affected Versions: Helix ALM versions prior to 2024.2.0 Description: A local command injection issue was identified. The issue was reported by Bryan Riggins. Recommendations: For Helix ALM versions prior to 2024.2.0, update to version 2024.2.0 or later to resol...

2CVSS6.9AI score0.00612EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/06/28 12:0 a.m.3 views

Perforce Helix ALM Security Vulnerability

Perforce Helix ALM is an application lifecycle management software from Perforce. A security vulnerability exists in Perforce Helix ALM versions prior to 2024.2.0 that stems from the presence of local command injection...

2CVSS6.7AI score0.00612EPSS
Exploits0References2
OSV
OSV
added 2024/02/01 10:15 p.m.3 views

CVE-2024-0325

In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by Bryan Riggins...

7.8CVSS5.8AI score0.00752EPSS
Exploits0References1
Prion
Prion
added 2024/02/01 10:15 p.m.12 views

Command injection

In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by Bryan Riggins...

4.3CVSS7.5AI score0.00752EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/02/01 10:3 p.m.42 views

CVE-2024-0325

CVE-2024-0325 concerns a local command injection in Helix Sync versions prior to 2024.1 . The available documents confirm the vulnerability and its local-execution nature but do not provide concrete details on affected versions beyond the 2024.1 cutoff, the exact vulnerable component, or root cau...

7.8CVSS7.8AI score0.00752EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/02/01 12:0 a.m.6 views

Helix Sync Command Injection Vulnerability

perforce Helix Sync is a simplification tool from perforce. A security vulnerability exists in Helix Sync versions prior to 2024.1 that stems from the presence of local command injection...

7.8CVSS6.7AI score0.00752EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/06/07 12:0 a.m.48 views

Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2023-2120)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.9AI score0.01639EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/12 12:0 a.m.70 views

RHEL 9 : emacs (RHSA-2023:2626)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2626 advisory. GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp,...

9.8CVSS7.8AI score0.01639EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2023/05/09 11:16 a.m.4 views

emacs: local command injection in ruby-mode.el

A flaw was found in the Emacs package. A malicious ruby source file may cause a local command injection...

7.3CVSS5.8AI score0.01639EPSS
Exploits0References4
OSV
OSV
added 2023/04/15 9:15 a.m.3 views

CVE-2023-2091

A vulnerability classified as critical was found in KylinSoft youker-assistant on KylinOS. Affected by this vulnerability is the function adjustcpufreqscalinggoverner. The manipulation leads to os command injection. It is possible to launch the attack on the local host. The exploit has been...

7.8CVSS6.4AI score0.01473EPSS
Exploits1References4
OSV
OSV
added 2023/03/13 2:15 p.m.3 views

CVE-2023-0978

A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inject and execute arbitrary operating system commands using specially crafted strings. This vulnerability is due to insufficient validation of arguments that are passed to...

6.7CVSS6.8AI score0.00385EPSS
Exploits0References1
OSV
OSV
added 2023/03/08 7:15 p.m.4 views

CVE-2023-1277

A vulnerability, which was classified as critical, was found in kylin-system-updater up to 1.4.20kord on Ubuntu Kylin. Affected is the function InstallSnap of the component Update Handler. The manipulation leads to command injection. The attack needs to be approached locally. The exploit has been...

7.8CVSS6.3AI score0.01805EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/02/22 3:21 p.m.43 views

CVE-2021-4326 Imperative Local Command Injection allows Activity Masking

A vulnerability in Imperative framework which allows already-privileged local actors to execute arbitrary shell commands via plugin install/update commands, or maliciously formed environment variables. Impacts Zowe CLI...

3.3CVSS8.1AI score0.00255EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2023/02/21 6:30 a.m.34 views

CVE-2022-48338

A flaw was found in the Emacs package. A malicious ruby source file may cause a local command injection...

7.3CVSS8AI score0.01639EPSS
Exploits0References3
CVE
CVE
added 2023/02/20 12:0 a.m.110 views

CVE-2022-48338

CVE-2022-48338 affects GNU Emacs up to version 28.2, via ruby-mode.el’s function ruby-find-library-file . The vulnerability is a local command injection: the function is interactive and calls external command gem through shell-command-to-string without escaping feature-name parameters, enabling a...

7.3CVSS7.2AI score0.01639EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder